The CMP Standard
The CMP standard was first introduced in 1999, with RFC 2510 (CMP) and RFC 2511 (CRMF, the Certificate Request Message Format). These were obsoleted in 2005 by RFC 4210 and RFC 4211 respectively, defining CMPv2. CMPv2 remains the most widely used version of the standard, having been adopted for use within other standards such as 3GPP TS 33.310.
Updates were made to CMPv2 with RFC 6712 (which standardised CMP over HTTP), RFC 9480 (updates and clarifications to CMPv2), and RFC 9481 (algorithms for CMP).
CMPv3 was formally introduced in 2025 with RFC 9810, which obsoleted 4210 and 9480. RFC 9811 was also introduced, replacing RFC 6712.
CMPv2 is a broad standard, with many parts of the protocol left as optional features or recommendations. This means that many CMPv2-compatible clients and servers define their own implementation-specific profiles which may not always encompass the full standard or be entirely compatible with one another.
One of the primary goals of CMPv3 was to reduce ambiguity in the standard, allowing for greater interoperability between implementations. CMPv3 also deprecated several old, now-insecure cryptographic functions and algorithms in favour of more modern alternatives.
CMPv3 Security Updates
CMPv2 maintained support for several insecure algorithms and cryptographic functions in order to support legacy systems.
CMPv3 explicitly deprecates these, and replaces them with newer, more secure alternatives. For example, CMPv3 deprecates the use of SHA-1 in favour of SHA-2 and requires support for the more secure password-based MAC algorithm PBMAC1.
The CMPv3 spec also clarifies and strengthens the requirements for nonces in requests and responses (to prevent replay attacks), for message freshness validation, and for transaction lifecycle handling in general.
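As an added illustration of the client-side checks those requirements describe (not code from the page or from any CMP implementation), the following Python sketch models the PKIHeader fields involved (transactionID, senderNonce, recipNonce, messageTime) and rejects responses that are unbound to a sent request, replayed, or stale. The field names, the tracker class and the 300-second skew window are assumptions made for the example.

```python
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class PKIHeader:
    """The subset of CMP PKIHeader fields used for freshness and replay checks."""
    transaction_id: bytes
    sender_nonce: bytes
    recip_nonce: Optional[bytes]
    message_time: float  # seconds since epoch; real CMP carries a GeneralizedTime


class TransactionTracker:
    """Client-side record of open CMP transactions (hypothetical helper, not library code)."""
    MAX_SKEW = 300.0  # tolerated clock difference in seconds (assumed policy value)

    def __init__(self) -> None:
        self.expected = {}     # transactionID -> senderNonce of the last message we sent
        self.accepted = set()  # (transactionID, server senderNonce) pairs already accepted

    def new_request(self, now: float) -> PKIHeader:
        """Start a transaction: fresh random transactionID and senderNonce, no recipNonce yet."""
        tid, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
        self.expected[tid] = nonce
        return PKIHeader(tid, nonce, None, now)

    def check_response(self, hdr: PKIHeader, now: float) -> str:
        """Return 'ok' if the response is fresh and bound to our request, else the reason."""
        want = self.expected.get(hdr.transaction_id)
        if want is None:
            return "unknown transaction"
        if hdr.recip_nonce != want:
            return "nonce mismatch"   # not bound to the message we actually sent
        if (hdr.transaction_id, hdr.sender_nonce) in self.accepted:
            return "replay"           # the same response delivered a second time
        if abs(now - hdr.message_time) > self.MAX_SKEW:
            return "stale"            # messageTime outside the accepted window
        self.accepted.add((hdr.transaction_id, hdr.sender_nonce))
        return "ok"

    def next_request(self, prev: PKIHeader, now: float) -> PKIHeader:
        """Continue a transaction (e.g. polling): echo the server's senderNonce as recipNonce."""
        nonce = secrets.token_bytes(16)
        self.expected[prev.transaction_id] = nonce
        return PKIHeader(prev.transaction_id, nonce, prev.sender_nonce, now)
```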
A major addition introduced by CMPv3 is support for post-quantum algorithms. By allowing hash algorithms to be specified independently from signature algorithms, it becomes possible to use CMP to issue quantum-secure certificates with algorithms such as ML-DSA.
Crypto agility is a focus of the updated standard, ensuring that future cryptographic requirements can be met without needing major changes to the protocol or its implementations.
CMPv3 Technical Amendments
CMPv3 also brings some minor technical improvements and clarifications to the CMP protocol, greatly improving interoperability between implementations by reducing ambiguity. CMP implementations no longer need to define their own, often slightly incompatible, profiles of CMPv2.
Error handling is much improved, with several edge cases tidied up. CMPv3 requires that the server always attempt to return a valid CMP error message when something goes wrong, even at the HTTP level.
Polling support is expanded from basic asynchronous certificate issuance (CR/IR requests) to all major CMP functions, such as Revocation Requests, General Message Requests, and legacy requests using PKCS #10 CSRs.
General Messages are also expanded, with clients now able to request CRLs and CA certificate chains directly from the CA, within the CMP flow.
CMPv2 originally did not dictate anything about how its messages should be transported. RFC 6712 was introduced to formalise the usage of HTTP, but this left some gaps. RFC 9811 was released alongside the CMPv3 spec (RFC 9810), to solidify HTTP as the preferred transport mechanism, with TLS (or similar protection mechanisms) strongly recommended in the main CMPv3 standard.
Support and migration
CMPv2 is the most widely supported version of the standard, with most CMP clients and servers supporting it to some extent.
CMPv3, as a relatively new standard, is gaining traction as a better-defined version of CMP, aided by its almost full backwards compatibility with most CMPv2 implementations.
Migrating between the standards is relatively straightforward. At least for most basic operations, any given CMPv2 client will be compatible with a CMPv3 server. In fact, the CMPv3 specification dictates that CMPv2 compatibility should be assumed unless the client specifies otherwise.